Read Ahead | Cover6 Solutions Workshops
This guide prepares you for our #Intro2Cyber & #SOCAnalystPrep
hands-on cybersecurity training.
First, we want to thank you for your interest in Cover6 Solutions. If you made it this far, you have most likely registered for one of our workshops. For that, we are forever grateful, and you will always be considered family to us.
This material summarizes the workshops, the hardware and software requirements, helpful videos, and educational references to help you better understand the class content.
Use the tabs below to view the material for your desired workshop.
EC-Council’s Essentials Series is the first MOOC certification course covering essential network defense skills, ethical hacking, and digital forensics. The Network Defense Essentials (N|DE), Ethical Hacking Essentials (E|HE), and Digital Forensics Essentials (D|FE) are foundational programs that help students, and early career professionals choose their area of competency or select a specific interest in cybersecurity.
The Essentials Series was designed to give students the foundation to build and develop the essential skills for tomorrow’s careers in cybersecurity. These programs teach learners various techniques across industry verticals, such as securing networks, mitigating cyber risks, conducting forensic investigations, and more.
- Cover6 Essentials Courses
The #Intro2Cyber Workshop is where we begin to gain some hands-on experience. It’s time to gain familiarity with your device and some of the primary tools you’ll see throughout your career.
For this workshop, you will need to install the following tools for your particular operating system:
- Nmap
- Wireshark
- Nessus Essentials
- Windows Sysinternals Suite (Windows)
- Clicking this link starts the download of the SysinternalsSuite.zip file
This Workshop will also require Kali Linux (Kali).
Although the tools can be installed in similar operating systems, these instructions are meant for Kali Linux only.
Step 1. Install a hypervisor
The hypervisor or virtual machine monitor is a software package that allows you to create a virtual machine (VM) on your host device/laptop. Any new virtual machine you make will be considered a guest machine.
We recommend installing VMWare Workstation Player, VirtualBox (Windows, OS X, Linux, or Solaris), or VMWare Fusion (Mac). For some reason, we’ve had several issues with students running VMWare Workstation. You can download a hypervisor from the following locations:
- VMWare Workstation Player (Free)
- Windows or Linux
- VMWare Workstation Pro ($199)
- Windows or Linux
- VMWare Fusion ($79.99)
- macOS 10.13 High Sierra or later
- VirtualBox (Free)
- Windows, Linux, OS X, and Solaris
The installation process for both VirtualBox and any VMWare products is a straightforward “push-through” install. Unless you have a specific folder where you want to save your virtual machines, you can accept all the default options.
Remember that each new VM will require processing power and memory from the host machine. Even with a minimum of 8 GB of RAM, a standard laptop could still fully power the two VMs needed to help you start.
Step 2. Download and install or import Kali
Disclaimer: Kali Linux is an operating system for hackers built by hackers. Upon installing Kali, you will own hundreds of tools. Please be aware of the power of these tools! Improper use of these tools outside of a training environment could lead to severe damage (for anyone you target) and/or jail time (for you).
You can use pre-configured virtual machines or install Kali straight from a .iso file. Use the images from “Kali Linux VirtualBox Images” if you use VirtualBox. You can find images and .iso files at the following locations:
For the .iso, we recommend using the Kali Linux 64-bit image. Also, select the right image for your hypervisor (VMWare or VirtualBox).
Step 3. Make the PostgreSQL service persistent
It is good to have the PostgreSQL service remain persistent (start on boot).
# sudo update-rc.d postgresql enableStep 4. Change the default SSH keys (optional)
To better protect your ssh sessions, we recommend that you change the default keys. You can create a folder to hold a backup copy of your current keys and then move the current keys to the backup folder.
# sudo mkdir /etc/ssh/backup-keys# sudo mv /etc/ssh/ssh_host_* /etc/ssh/backup-keysNow you can create a new set of ssh keys with the following command:
# sudo dpkg-reconfigure openssh-serverStep 5. Configure the Metasploit database
There are additional options to fine-tune and help secure your instance of Kali Linux. You can find some tips online by searching for “Things to do after installing Kali Linux.” For now, we recommend you have the Metasploit Database up and running in Kali. The database will help keep all your scans, vulnerabilities, exploits, and identified credentials or passwords in one place.
A few services are required depending on what version of Kali you have. You will need to start the PostgreSQL and Metasploit services for older versions. For newer versions, you will only need to start the PostgreSQL service.
Here are the commands to ensure your database works with a fresh Kali Linux install.
# sudo systemctl start postgresql# sudo msfdb init# sudo msfconsolemsf > workspaceAt this point, you should see a * Default workspace. If the default workspace appears after typing msfconsole and workspace, you are ready for the workshop!
The #SOCAnalystPrep workshop is the defensive equivalent of the #PentesterPrep workshop. It prepares you to work in a Security Operations Center (SOC) immediately upon completion. For this class, you will need the following tools installed:
- Nmap
- Wireshark
- Nessus Essentials
- Windows Sysinternals Suite
- Clicking this link starts the download of the SysinternalsSuite.zip file
- TryHackMe Account
- We will provide a 30-day VIP Voucher
- Kali Linux (Optional)
We DO NOT teach Kali Linux in this workshop. However, you will see offensive techniques used by the instructor to simulate attacker activity.
We will provide you access to the following online servers, so be sure to bookmark the following URLs:
Today the demand for cybersecurity professionals has never been higher, and the need for skilled defensive (blue team) analysts is especially urgent. At Cover6 we will provide the training you need to find your place in cyber. We focus on the fundamentals of network defense through real-world, hands-on instruction, and our workshop will offer you a path to a successful career as a Security Operations Center (SOC) Analyst.
SOC Analysts are highly sought-after professionals who identify compromised machines and respond to malicious activity. They use defensive security skills and techniques while working to mitigate any damage that may have occurred.
Our Virtual SOC Analyst Prep Workshop offers a comprehensive introduction to defensive tactics, techniques, and procedures. Students will learn various strategies to help defend against several attack scenarios.
A few of the tools and technologies that participants will explore include; Security Onion, Wireshark, Splunk, and Nessus. Also, our course is designed to help you prepare for the CySA+ exam and reflects the current exam objectives.
In this workshop students will:
- Analyze .pcap files and logs to identify Indicators of Compromise (IOC’s)
- Perform various incident handling and response procedures
- Use tools to implement initial threat hunting techniques
- Be prepared to work in a SOC on day 1
Breaking into Cybersecurity w/ Tyrone E. Wilson
Home Lab Setup | Building an Effective Cybersecurity Learning Environment
Passive Information Gathering
Common Network Services, Threats & Attacks
Active Information Gathering
IPv6 Enumeration & Attacks
Understanding the Metasploit Database
Incident Handling & Threat Hunting w/ Security Onion: Gain Hands-On Cybersecurity Experience
You can check out the following references to gain familiarity with terms and topics you will hear in class.